A hacking group calling itself "LulzSec Reborn" is boasting of hacking MilitarySingles.com and leaking the email addresses of more than 170,000 of the dating site's members.
The group posted links on the file-sharing site Pastebin to a database of 170,937 email accounts belonging to members of the site. In a very short message accompanying the data dump, the hacktivists said they obtained emails ending in us.army.mil, navy.mil and Microsoft.com, among others. Under the world "LulzSec" written in dollar signs, the group wrote, "Laughing at your security since 2011."
The "dating site for single soldiers," as Military Singles bills itself, is run by Esingles Inc., and is not affiliated with the U.S. military. Esingles has not commented on the hack yet, and did not immediately return a request to SecurityNewsDaily for comment.
Graham Cluley, senior technology consultant at the security firm Sophos, examined the leaked data and found it to contain not just email addresses but also usernames, real names and in some cases physical addresses.
By virtue of its name, LulzSec Reborn is positing itself as the reincarnation of LulzSec, the famously eccentric and daring group that hacked dozens of high-profile targets during a closely watched 50-day stretch last summer. LulzSec's targets included PBS, the CIA and the U.S. Senate. A number of LulzSec's members were arrested earlier this year, with help from Hector Xavier Monsegur, also known as "Sabu," the group's former leader turned informant.
Given the anonymity of the Internet, there's no way to be sure LulzSec Reborn is affiliated with the original hacktivists.
In a Sophos blog post, Cluley advised anyone who has ever used Military Singles to change their password, and recommended they not use the same password anywhere else online.
